White hat hijacking of RSS feeds

I subscribe to Guy Kawasaki’s feed.  Or at least I thought I did.  He’s an interesting writer and I like to read what he writes about. In my feed reader this morning there was a post on his feed, but when you read it you realize that it’s something else entirely:

This is an incredibly small blog that’s intended to: redirect you to Guy’s new feed, show Guy (and others) the reason why they don’t want to just let their Feedburner feeds get deleted, and gently inform Feedburner, Bloglines and others of a little problem that needs to be fixed.

For those of you who are seeing this message in your feed reader and wondering why I’m not sounding like Guy Kawasaki, here’s the deal. You are subscribed to an outdated Feedburner feed that Guy allowed to lapse. You should unsubscribe from this feed and subscribe to his current feed, which is located at this URL:

http://feeds.feedburner.com/guykawasaki/Gypm

Message to Guy… See? This is what I’m talking about. By allowing your Feedburner feed to get deleted, you’ve opened your subscribers up to having somebody else (like me) to come along, create a feed by the same name in Feedburner, and capture the eyeballs of your subscribers.

Message to Feedburner… Ahem. Perhaps you want to think about the process by which feeds are deleted? Some kind of waiting period (a month, 6 months?) before somebody else can create a feed with the same name? Perhaps some kind of permission-granting thingy?

Message to Bloglines… Ahem. The reason I can do this is because of your tendency not to clear out the cache of “subscribable” feeds very often. I pounded Guy’s blog URL into your “Add” gizmo and got a huge list of feeds, including 2 obsolete Feedburner feeds. I found the “hijackable” feeds by going to the feed URLs in turn, and finding a couple that have been deleted from Feedburner.

If I were an unscrupulous type of guy, I could put up a site that: looks just like Guy’s site but spoofs his unsuspecting subscribers into clicking on things by hijacking his credibility, or direct his subscribers to his competitors, or do any of the things that people do with domain names that expire…

Yep, here’s the issue — this is just like dropping domain names. ‘Cause that’s what’s happening, a feed URL is being dropped in such a way that somebody could easily write a script to, um, snap up those domains. That’s it. Remember, Guy’s real feed has moved to:

http://feeds.feedburner.com/guykawasaki/Gypm

Onward,

Mike — www.haven.com


This is the risk of letting someone else manage your RSS feed.  I fall victim to the same flaw as I too use FeedBurner to manage my RSS feed.  This wouldn’t happen if I managed it myself.  I don’t have the readership that Guy does so it’s not really a big risk to me to use FeedBurner but Mike here has shown that it’s not that difficult to hijack a feed.  He’s white hat in that he’s redirecting people to Guy’s proper feed but he could have continued to pretend he was Guy.  We’ll see if Guy responds to this at all (or if he even knows).
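One subscriber-side check for the problem Mike describes, as an added example that is not part of this post or of FeedBurner: parse the feed a reader fetched and flag it when the channel or item links no longer point at the publisher's own host. The host name and the two sample feeds are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

ATOM = "{http://www.w3.org/2005/Atom}"

def _host(url):
    return (urlparse(url).hostname or "").lower()

def feed_links(xml_text):
    """Return (channel_link, [item_links]) for an RSS 2.0 or Atom document."""
    root = ET.fromstring(xml_text)
    if root.tag == "rss":
        channel = root.find("channel")
        chan_link = (channel.findtext("link") or "").strip()
        items = [(i.findtext("link") or "").strip() for i in channel.findall("item")]
        return chan_link, items
    if root.tag == ATOM + "feed":
        def alt(elem):  # first rel="alternate" link (Atom's default rel)
            for l in elem.findall(ATOM + "link"):
                if l.get("rel", "alternate") == "alternate":
                    return l.get("href", "")
            return ""
        return alt(root), [alt(e) for e in root.findall(ATOM + "entry")]
    raise ValueError("unsupported feed format: %s" % root.tag)

def audit_feed(xml_text, expected_host):
    """Return a list of findings; an empty list means every link is still on the publisher's host."""
    findings = []
    chan_link, item_links = feed_links(xml_text)
    if _host(chan_link) != expected_host:
        findings.append("channel link %r is not on %s" % (chan_link, expected_host))
    for link in item_links:
        if _host(link) != expected_host:
            findings.append("item link %r is not on %s" % (link, expected_host))
    return findings

# Constructed sample: the feed as the publisher's own site would serve it.
GOOD_FEED = """<rss version="2.0"><channel>
<title>Example Blog</title><link>http://blog.example.com/</link>
<item><title>Post</title><link>http://blog.example.com/post-1</link></item>
</channel></rss>"""

# Constructed sample: the same feed name re-registered by someone else; the
# channel and item links now point at a site the publisher does not control.
HIJACKED_FEED = """<rss version="2.0"><channel>
<title>Example Blog</title><link>http://other.example.net/</link>
<item><title>Post</title><link>http://other.example.net/notice</link></item>
</channel></rss>"""
```

Running `audit_feed(HIJACKED_FEED, "blog.example.com")` returns two findings, while the untouched feed returns none; a reader or a publisher polling its own lapsed feed URLs can alert on any non-empty result.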

License

This work is published under a Creative Commons Attribution-NonCommercial-ShareAlike 2.0 Canada License.


  1. Eric Lunt

    Hey there Matt … I have some more details here: http://www.burningdoor.com/eric/archives/001892.html . Thanks!

    Eric Lunt
    CTO, FeedBurner

  2. matt

    Thanks for replying Eric.